ECE Seminar with Marten van Dijk

Secure Computation on Encrypted Data
With Marten van Dijk
Research Scientist
MIT Computer Science and Artificial Intelligence Laboratory
Faculty Host: Ari Trachtenberg
Refreshments will be served outside Room 339 at 3:45 p.m.
Abstract: One of the key issues in cloud computing is how to keep private data private. From financial information to medical records, sensitive data is stored and computed upon in the cloud. Computation requires the data to be exposed to the cloud servers, which may be attacked by malicious applications, hypervisors, operating systems, or by insiders. Encrypted computation has the potential to solve this data privacy problem: e.g., Fully Homomorphic Encryption (FHE) has been coined the holy grail of cryptography since it allows an untrusted server to perform computation directly on an encrypted ciphertext without having access to the decryption key. As opposed to current secure hardware solutions (e.g., Intel+TXT, XOM or Aegis), FHE does not require the user to trust any component on the server side – even the application program can be untrusted.
The first part of this talk explains recent work showing that, for encrypted execution of general programs, even efficient FHE schemes will necessarily suffer a large performance loss compared to plain computation. Motivated by large FHE overheads and FHE's limitations, the second part of this talk describes how to solve the problem of placing trust in programs by designing a tamper-resistant single-chip processor called Ascend (Architecture for Secure Computation on ENcrypted Data) that can run untrusted batch programs without leaking information about private input data over its external input/output and power pins. Surprisingly, Ascend incurs only 6.1x performance overhead relative to insecure computation, which is orders of magnitude better than what FHE can achieve.
About the Speaker: Marten van Dijk is a research scientist at the MIT Computer Science and Artificial Intelligence Laboratory with over 10 years research experience in system security, both in academia and industry. Most recently he worked for two and a half years at RSA Laboratories in cybersecurity. Prior to RSA, he was a research scientist at MIT CSAIL working together with Professor Srini Devadas with an emphasis on processor architectures that offer strong security guarantees; most notably, this collaboration led to the design of Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory and led to the introduction of circuit realizations of Physical Unclonable Functions (PUFs), which resulted in a commercialization by Verayo and Intrinsic-ID. His work received the NYU-Poly AT&T Best Applied Security Paper Award (third place, 2012) and the ACSAC ’02 outstanding student paper award. Prior to working in system security he was a research scientist at the digital signal processing group at Philips Research where he became the lead inventor of the error correcting codes used in Blu-ray discs. He received a Ph.D. in mathematics, a M.S. in mathematics, and a M.S. in computer science from Eindhoven University of Technology.